Please ensure Javascript is enabled for purposes of website accessibility

Please Don’t Be Like This Accountant Who Got Scammed Over Email

Posted on by Caleb Newquist

Here's an unfortunate situation that hopefully none of you ever have to go through:

The accountant for a U.S. company recently received an e-mail from her chief executive, who was on vacation out of the country, requesting a transfer of funds on a time-sensitive acquisition that required completion by the end of the day. The CEO said a lawyer would contact the accountant to provide further details.

“It was not unusual for me to receive e-mails requesting a transfer of funds,” the accountant later wrote, and when she was contacted by the lawyer via e-mail, she noted the appropriate letter of authorization—including her CEO’s signature over the company’s seal—and followed the instructions to wire more than $737,000 to a bank in China.

The next day, when the CEO happened to call regarding another matter, the accountant mentioned that she had completed the wire transfer the day before. The CEO said he had never sent the e-mail and knew nothing about the alleged acquisition.

And you might think, "You have to be pretty stupid to get scammed over email," but the FBI notice says that "Business E-Mail Compromise" frauds have duped more than 7,000 businesses with losses in excess of $740 million over the last couple of years. Crikey, that's a lot. Does gullibility result in that much fraud? If so, yikes.

Here's more:

[A]fter the accountant spoke to her CEO on the phone, she immediately reviewed the e-mail thread. “I noticed the first e-mail I received from the CEO was missing one letter; instead of .com, it read .co.” On closer inspection, the attachment provided by the “lawyer” revealed that the CEO’s signature was forged and the company seal appeared to be cut and pasted from the company’s public website. Further assisting the perpetrators, the website also listed the company’s executive officers and their e-mail addresses and identified specific global media events the CEO would attend during the calendar year.

Yeah, it's a little sloppy that a single email from a CEO along with a lone signature over a company seal would be enough to wire $737k. As Matt Levine writes:

[N]o one ever wants to talk on the phone any more, making it less likely that anyone will ever pick up the phone to verify e-mailed transfer instructions.

That might sound tedious, but it could save you the kind of embarrassment that causes people to lock themselves in a closet for a year. Be careful out there.

[FBI via Bloombergview]

Related Posts

Seems Hard to Believe That a Pre-Loaded Sponge Company Would Have to Resort to Fraud

Today in “they just made the numbers up” news, it’s shocking that a company with this business description:

We design, produce, market, and distribute cleaning products primarily for vehicular use utilizing patented technology relating to sponges containing hydrophilic, or liquid absorbing, foam polyurethane matrices and other technologies. Our products can be pre-loaded with detergents and waxes, which are absorbed in the core of the product then gradually released during use. We have designed and are conducting additional research and development for products and applications using hydrophilic technology and other technologies for kitchen and bath, health and beauty, auto, medial and pet use, which we intend to market and sell as part of our product offering. There is no assurance that we will successfully be able to market and sell products for kitchen and bath, health and beauty, auto, medial and/or pet use.

…would have to make up five customers out of thin air to account for 99% of their revenue:

According to the SEC’s complaint, after several years of relatively little business with a single customer comprising the bulk of Spongetech’s limited sales, Metter and Moskowitz began to paint a more promising and misleading picture of Spongetech’s business. Beginning in approximately April 2007, Spongetech issued dozens of phony press releases touting increasingly larger, yet fictitious, sales orders and revenue. The press releases fraudulently exaggerated the demand for pre-soaped sponges by referencing millions of dollars in sales orders, business, and revenue from five primary customers that purportedly accounted for 99 percent of Spongetech’s business, yet none of those customers actually existed.

Yes, they had an auditor. According to the the last 10-KSB filed it was Drakeford & Drakeford, LLC who has had their own share of trouble.

SEC Charges Spongetech and Senior Executives in Pump-and-Dump Scheme [SEC Press Release]
SEC v. Spongetech, et al. [SEC]

Ex-CFO of Taylor, Bean, & Whitaker Faces Up to Ten Years Without PeiWei

The Department of Justice trumpeted the guilty plea of Delton de Armas, the former CFO […]